In an ornate boardroom, a group of executives gathered at a large round table for their annual strategic planning meeting. Morgan, the CEO, was surrounded by Lana, the VP of Sales; Susan, the CISO, Smith, the COO; and Barbara, Chief Compliance Officer. There was much to get done in the next twelve months, so they were passionately debating how best to invest their limited budget to achieve their goals and to address various sources of risk.
After a morning of going over the numbers and weighing their options, the leaders had reached an impasse.
“We need to expand our territory”, the VP of Sales insisted. “We must invest in horses! If our knights continue using coconuts to get around, we’ll just fall further behind.”
The CISO interrupted, offering a different opinion, “I disagree, Lana. There will be nothing to expand if our defenses are breached. We should invest in upgrading the walls and building a moat! We have to protect our critical assets.”
Not sitting idly by, the COO jumped in, “You are forgetting that we actually need to run this place. We need additional blacksmiths and blade sharpeners – not to mention the cobblestone repairs I requested last time. Just last week, an entire donkey fell in the pothole down on Oak Street.”
“Remember, the Emperor expects us to conduct annual inspections,” the Compliance Officer stated emphatically. “We need to keep our production up, our staff well trained, and our supplies in top shape. You remember the last time we failed an audit? Heads rolled. Literally,”
The CEO pursed her lips and looked around pensively, “Barbara is quite right, we don’t want to see that happen again and I’d rather not lose another compliance head if we can help it. Each of you makes (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Anthony Israel-Davis. Read the original post at: https://www.tripwire.com/state-of-security/risk-based-security-for-executives/plights-round-table-weighing-risks/